【发布时间】:2021-02-04 21:49:56
【问题描述】:
我知道在 Spring Security 中会出现以下情况:
There was an unexpected error (type=Internal Server Error, status=500).
There is no PasswordEncoder mapped for the id "null"
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
解决方案是定义一个PasswordEncoder。为简单起见,可以定义以下内容:
@Bean
PasswordEncoder encoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
现在,在幕后,createDelegatingPasswordEncoder() 方法是如何定义的(到目前为止,它适用于 Spring Security 5.4.2)(有关更多详细信息,请参阅PasswordEncoderFactories 类):
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256",
new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
encoders.put("argon2", new Argon2PasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}
现在关于 BCryptPasswordEncoder 类,它适用于一些默认值,例如:
- 版本:
$2a - 实力:
10
如果声明以下内容会发生什么:
@Bean
PasswordEncoder bcryptEncoder() {
return new BCryptPasswordEncoder(BCryptVersion.$2Y, 12);
}
如何添加或覆盖使用 custom BCryptPasswordEncoder 创建的 default BCryptPasswordEncoder 到默认设置中?我想保留所有其他默认值
注意:在PasswordEncoderFactories 类中(对于createDelegatingPasswordEncoder 方法),DelegatingPasswordEncoder 类在后台使用。该类也不提供覆盖的方法。
【问题讨论】:
标签: spring-security